component-analysis topic
dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
dependency-check-sonar-plugin
Integrates Dependency-Check reports into SonarQube
dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
awesome-sca
A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
dependency-track-maven-plugin
Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
dtrack-audit
OWASP Dependency Track API client for integration into CI/CD pipeline
berryjam
Open Source Vue.js Component Analyzer - Save time communicating and effort in development to create better and more efficient code
dependency-track-plugin
Main repository for the official Dependency-Track Jenkins plugin
cyclonedx-go
Creates CycloneDX Software Bill-of-Materials (SBOM) from Go projects. So you can use it with DependencyTrack to monitor security issues in 3rd party modules.